Microsoft Previews a More Unified Sign-In Approach for Applications

Microsoft announced a preview this week of its next-generation programming model that aims to consolidate user sign-ins with Azure Active Directory (AD) and Microsoft account.

This new model, simply called "v2," will make it easier for end users to log into applications. They can type either their work or personal e-mail addresses into a text box and be automatically directed to the right sign-in approach under the hood. The v2 model is part of Microsoft's broader effort "to merge the Microsoft Account and Azure AD cloud identity services," explained Alex Simons, director of program management at Microsoft's Identity and Security Services Division, per Microsoft's announcement.

Right now, separate buttons for work and personal logins need to be built into applications by developers. The new model promises to eliminate some of that work, allowing the use of a single button. It also promises a less clumsy sign-in experience for end users.

The v2 model uses OAuth 2.0 and OpenID Connect 1.0 protocols to "normalize requests and responses across Microsoft account and Azure AD," according to Stuart Kwan, a lead program manager on Microsoft's developer experience team. It eliminates the need to create "separate registrations for a native client and a back end service," he added. It works with various Active Directory Authentication Libraries for Android, iOS, Node.js, .NET and Universal Windows. A JavaScript library is still to come.

Microsoft's goals with v2 are to create a "single authentication model," as well as a "unified REST API." It plans to apply this improved sign-in approach across all of its own applications, too, Kwan indicated.

The v2 model is still at the preview stage, so it's unclear exactly when those goals will start to gel.

Microsoft updated an August security advisory this week to urge organizations using the Lightweight Directory Access Protocol in supported Windows systems to implement some configuration changes manually.